Talk 1: IPv6 for Pentesters: 20 Mins
Owen delievered a brief talk on IPv6 and the associated security implications that may impact your network. During the talk, he looked at common configurations and how these might be abused by just viewing the target from a different perspective.
Owen Shearing is an avid technology enthusiast who has worked in IT for several years, of which the latter 6 have been within the security field. He has been a trainer for our Advanced Infrastructure course at several Blackhat events over the past 12 months.
Talk 2: Down by the Docker: 20 Mins
Anant Shrivastava touched on some of the techniques we carry out when performing Docker assessments. Most of the time we have to treat Docker containers as ‘normal targets’, but it’s always good to know what’s available to us should we be successful in our exploitation attempts!
Vulnerable Docker VM was also released during the session.
Anant Shrivastava is an information security professional with 9+ yrs of corporate experience with expertise in Mobile, application and Linux Security. He has trained ~400 delegates at various conferences (Blackhat US / EU / ASIA, Nullcon – 2015, g0s – 2013, c0c0n – 2013, Nullcon – 2012). Co-author for OWASP Testing guide version4. He is also a lead for project AndroidTamer (www.androidtamer.com)
Talk 3: Custom rules & broken tools: 20 Mins
Will’s talk covered hashcat ruleset optimisations, showing how custom rules can maximise password cracking efficiency. He then moved onto password length and tool limitations, showing how common tools sometimes don’t crack passwords even when we guess correctly!
Will Hunt is an Associate Director @NotSoSecure. He’s worked in InfoSec for nearly 10 years, most recently as a penetration tester and formerly a digital forensic investigator. He’s delivered infrastructure hacking training at Blackhat US as well as other pentest and digital forensic training in the past.